[Info-vax] "Linux Shminux - IPsec is Snake Oil!" VMS Mgmnt
Bill Gunshannon
billg999 at cs.uofs.edu
Mon Apr 13 18:06:20 EDT 2009
In article <176uZD2KcidF-pn2-Ng1UCvMHmXDL at rikki.tavi.co.uk>,
"Bob Eager" <rde42 at spamcop.net> writes:
> On Mon, 13 Apr 2009 18:04:22 UTC, JF Mezei
> <jfmezei.spamnot at vaxination.ca> wrote:
>
>> Bob Eager wrote:
>>
>> > Maybe. Mine is the opposite. Everything has a public IP address.
>>
>> There is nothing wrong with feeling at ease with being exposed to the
>> world, borderline exhibitionist...
>
> If I were exposed to the world, I'd be worried...NAT is not a universal
> panecea.
Yeah, but it is amazing how many people think it is some kind of a
security system. There are many ways to get past a NATed system.
>
>> NAT routers really provide 2 functions: the NAT and a firewall function.
>>
>> Just because you go IPv6 and no longer need NAT doesn't mean that your
>> router will lose its firewall capabilities. In fact, they should be
>> augmented.
>
> I agree. And my firewall is a dedicated machine, not just the stuff in a
> cheap router.
As it shoudl be. And not just a linux box pretending to be a firewall.
bill
--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>
More information about the Info-vax
mailing list